I think I’m finally sufficiently motivated to be bothered implementing the MT-Blacklist feature to block the increasing number of spam “comments” appearing on Troppo Armadillo. My current best intention is to begin entering IP addresses in the Blacklist starting next time a wave of spam begins appearing (it seems to happen in rotation every week or so, presumably because that’d the rotation time of the web robots the spammers use.
I’m also indebted to Rob Corr for highlighting an innovation called Spam Poison, which explains its function/effect in the following terms:
E-mail collecting robots will be sent in an infinite loop and will get dynamically generated fake e-mail addresses, adding enormous quantities of bogus data to the databases of the spammers, thus polluting those files so badly that they become essentially useless. They will have to clean out their databases or will receive a LOT of returned email
Fight Spam! Click Here! (I hope it doesn’t have a similar effect on Google).
Blocking IP addresses with MT-Blacklist might not be particularly effective, as spammers frequently change the address they post comments from. However, blocking the sites they link to seems to work well, so make sure to regularly update your blacklist. I understand there are some scripts available to automatically update the blacklist at a preset time (daily or weekly) but I haven’t had much success installing them.
Unfortunately, I can’t see Spam Poison being effective for too long. Spammers will soon modify their bots so that they never follow a link to the spampoison.com domain. Until then, however, we should be able to waste their time, effort and resources.
The only solution I can envisage is a script that people can host on their own server, operating on the same principles as Spam Poison. That way, it would be virtually impossible to block all the spambot-trapping URLs, and even if they did it would mean that the spambots no longer visit your site.
SpamPoison was developed after I have analyzed several commercial spambots. In general, there are some parameters the spammer can use to control the spambot action. E.g. number of e-mail addresses from a domain, number of links and depth, etc. SpamPoison faked e-mail addresses are generated using domains owned by spammers (listed in The SpamHaus Project). Each page has different number of e-mail addresses and unique URL (generated subdomain + over 200 domains registered worldwide and owned by our company. Unfortunately, it’s not possible a single site to implement a script similar to SpamPoison because the loop can’t be done using the same domain. Regarding the “spampoison.com” link, we are changing periodically the domain. In fact, some weeks ago we were using “spamsaver.com”. However, the main objective is not trap the big spammers (a police issue) but destimulate the eventual user who intend to use his broadband access to collect e-mails and do spam. As the domains exists, each message requires a tcp conection between mail servers, spending a lot of time and resources. And as the faked e-mail addresses use domains from spammers, is a case of spammers spamming spammers.
Francisco
PS: Please excuse my sorry English
It occurs to me, belatedly, that my last post probably didn’t help in lowering the spam rate…apologies.
Blocking IP addresses with MT-Blacklist might not be particularly effective
Robert is mostly correct. More accurately blocking IP addresses with MT-Blacklist will be wholly ineffective because MT-Blacklist is not an IP address blacklist.
Go and read the troubleshooting section of the online manual (http://www.jayallen.org/projects/mt-blacklist/latest/) and you will find the question you would soon be asking if you started putting IP addresses on your blacklist.
Wow, the creators of both Spam Poison and MT-Blacklist rocked up to comment! Thanks, guys!
Fransisco, I wasn’t aware that you use more than one domain. That was my main concern, and I’m certainly impressed that you’ve registered 200!
Thanks for providing a great community service.
I have implemented MT- Blacklist on the whole domain- I’m not sure how to configure it so that the other bloggers can use it though. If you get a spam comment, please forward it to me and I’ll deal with it.
Ken: You should talk to Gary Gravett about this, he seems to have solved the spam problem on our domain. I don’t know how though.